df2b80462a816f6754996d1e8e1af1182f44afd3c185db6537d133a4b1a5975c

Sharing

Copy URL Twitter E-mail

General

Target

df2b80462a816f6754996d1e8e1af1182f44afd3c185db6537d133a4b1a5975c
Size

996KB
MD5

3c5820de2491983b4de5416325734120
SHA1

e0d14526f176f57dc1b6947d7d20648790732bf0
SHA256

df2b80462a816f6754996d1e8e1af1182f44afd3c185db6537d133a4b1a5975c
SHA512

5e607e2ad4f2910c5efdc410099d417ad83d5a1bdadd1b6f07a0718e712067e119dc6f08163396ecb608fee49b19a29905389bd1c7dd04ba460075d61072ce82
SSDEEP

12288:GalrkJQhaFkQPgD6OKBAGiJXF2lZuMvudm6HRW3Wjo3d2l8W9GP2Cj:GalrZoTtoXGZBvMFYP3tiGP2Cj

Score

N/A

Malware Config

Signatures

Files

df2b80462a816f6754996d1e8e1af1182f44afd3c185db6537d133a4b1a5975c
.dll regsvr32 windows x86

55aa2b0ff5fec6ceec9e9981a16afcfd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GlobalFlags
GetFileTime
RtlUnwind
HeapFree
RaiseException
HeapAlloc
GetCommandLineA
GetThreadLocale
HeapReAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
SetStdHandle
GetFileType
HeapSize
GetCPInfo
GetACP
GetOEMCP
GetStdHandle
HeapDestroy
HeapCreate
VirtualQuery
LCMapStringA
LCMapStringW
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
DeleteFileW
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
DebugBreak
GetFullPathNameW
GetTempFileNameW
GetTempPathW
IsDBCSLeadByteEx
CreateFileW
GetVolumeInformationW
FindFirstFileW
FindNextFileW
FindClose
SetErrorMode
GetModuleFileNameA
lstrlenA
DisableThreadLibraryCalls
GetVersionExW
GetTickCount
GetCurrentThread
FreeLibrary
VirtualAlloc
CreateSemaphoreW
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
lstrcmpW
VirtualFree
GetSystemInfo
ReleaseSemaphore
ResetEvent
InterlockedDecrement
InterlockedIncrement
lstrlenW
GetStartupInfoW
lstrcpynW
OutputDebugStringA
GetModuleFileNameW
SetLastError
GetLastError
LoadLibraryW
GetFileAttributesW
GetProcAddress
GetModuleHandleA
SetThreadPriority
WaitForMultipleObjects
FindNextChangeNotification
Sleep
GetVersion
TerminateThread
FindCloseChangeNotification
FindFirstChangeNotificationW
MulDiv
CreateThread
GetModuleHandleW
SetEvent
CreateEventW
InterlockedExchange
WaitForSingleObject
CloseHandle
WideCharToMultiByte
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap

user32

GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
SetWindowsHookExW
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetTopWindow
GetMessageTime
UnregisterClassA
MapWindowPoints
TrackPopupMenu
GetKeyState
LoadCursorW
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
PtInRect
GetDlgCtrlID
CallWindowProcW
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetWindowThreadProcessId
GetParent
GetLastActivePopup
IsWindowEnabled
GetMenuState
GetMenuItemCount
GetSubMenu
IsWindow
InflateRect
CharLowerBuffW
UnionRect
SetRectEmpty
SetRect
IsRectEmpty
CopyRect
MessageBoxW
EqualRect
DefWindowProcW
ShowWindow
MoveWindow
GetWindowLongW
PeekMessageW
RegisterWindowMessageW
GetCursorPos
GetMessageW
DispatchMessageW
TranslateMessage
LoadIconW
GetSysColorBrush
UnregisterClassW
CharUpperW
SetCursor
ValidateRect
DestroyMenu
EndPaint
BeginPaint
ClientToScreen
GrayStringW
DrawTextExW
TabbedTextOutW
IsWindowVisible
DestroyIcon
SystemParametersInfoW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx
SetForegroundWindow
SetTimer
PostMessageW
AppendMenuW
CreatePopupMenu
GetSysColor
GetClientRect
InvalidateRect
SetWindowLongW
GetDlgItem
GetDesktopWindow
GetWindowRect
DestroyWindow
CreateDialogParamW
EnableWindow
SendMessageW
wsprintfW
GetDC
ReleaseDC
DrawTextW
IntersectRect
OffsetRect
GetMenuItemID
GetMessagePos

gdi32

PtVisible
RectVisible
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
GetDeviceCaps
SetWindowExtEx
ScaleWindowExtEx
GetStockObject
RestoreDC
SaveDC
SelectObject
SetTextColor
DeleteObject
SetBkMode
SetMapMode
ScaleViewportExtEx
GetObjectW
ExtTextOutW
CreateBitmap
SetBkColor
GetClipBox
GetKerningPairsW
CloseFigure
EndPath
GetPath
AbortPath
BeginPath
GetTextExtentPoint32W
TextOutW
GetTextMetricsW
AddFontResourceW
TranslateCharsetInfo
CreateFontIndirectW
DeleteDC
CreateCompatibleDC
CreateDIBSection

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegOpenKeyW
RegCreateKeyExW
RegCreateKeyW
RegSetValueW
RegSetValueExW
RegEnumKeyExW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
RegDeleteValueW

shell32

SHGetPathFromIDListW
ShellExecuteW
Shell_NotifyIconW
SHBrowseForFolderW

shlwapi

PathRemoveFileSpecW
PathStripToRootW
PathFindExtensionW
PathFindFileNameW
PathIsUNCW
UrlUnescapeW

ole32

CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoInitialize
CoFreeUnusedLibraries
StringFromGUID2
CLSIDFromString

oleaut32

SysAllocString
VariantChangeType
VarBstrCmp
SysStringLen
OleCreatePropertyFrame
VariantClear
SysFreeString
VariantInit

wininet

InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenUrlW
InternetGetLastResponseInfoW
InternetCloseHandle
InternetOpenW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable

Exports

Exports

DirectVobSub
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
VirtualdubFilterModuleDeinit
VirtualdubFilterModuleInit2
_AvisynthPluginInit2@4
_AvisynthPluginInit@4

Sections

.text
Size: 624KB - Virtual size: 623KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

_TEXT64
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 184KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

55aa2b0ff5fec6ceec9e9981a16afcfd

Headers

File Characteristics

Imports

version

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

wininet

Exports

Exports

Sections

.text Size: 624KB - Virtual size: 623KB

_TEXT64 Size: 4KB - Virtual size: 1KB

.rdata Size: 184KB - Virtual size: 180KB

.data Size: 40KB - Virtual size: 61KB

.rsrc Size: 20KB - Virtual size: 16KB

.reloc Size: 60KB - Virtual size: 59KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 624KB - Virtual size: 623KB

_TEXT64
Size: 4KB - Virtual size: 1KB

.rdata
Size: 184KB - Virtual size: 180KB

.data
Size: 40KB - Virtual size: 61KB

.rsrc
Size: 20KB - Virtual size: 16KB

.reloc
Size: 60KB - Virtual size: 59KB

.rmnet
Size: 60KB - Virtual size: 60KB